General

  • Target

    7c33b5e7ed9500eec23c7eb3d499444e_JaffaCakes118

  • Size

    136KB

  • Sample

    240528-jf54ksbb9x

  • MD5

    7c33b5e7ed9500eec23c7eb3d499444e

  • SHA1

    88c5d65376de3fc2718052b7e2fd9de48230cb2e

  • SHA256

    1c5a8bb042f680abefa2f04bdd7285eb0f50a84ea43bad16999f885711ab7d57

  • SHA512

    b29715c4bf932367523044d7b879032ed91233bcb7fd74005e9f5dd3d444b9c0d76a537faa6928c161102a40fec6f0f7fb2091e60f7d3dd1cecf4d5826f2920f

  • SSDEEP

    1536:d6A6j81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a98B2QwsiYTu:Y8GhDS0o9zTGOZD6EbzCduUQw

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://shophousekhaisontowncity.com/PL

exe.dropper

http://www.mygidas.lt/m

exe.dropper

http://www.natuhemp.net/m

exe.dropper

http://c-sert.ru/assets/images/zIM8ozmY

exe.dropper

http://nusantararental.com/Z4aZh

Targets

    • Target

      7c33b5e7ed9500eec23c7eb3d499444e_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
